EasyVPN Server EasyVPN Remote and Site to Site VPN's on one inside int
I am currently running IOS version: 2801 Software (C2801-ADVSECURITYK9-M), Version 12.4(5a), RELEASE SOFTWARE (fc3).
I have 7 site to site VPN connections coming into our main office and tunneling to a single internal vlan.
I am trying to configure the Easy VPN Remote to also tunnel into this same internal interface but it wont allow me.
I'm sure there can be some kind of work around for this issue, but my VPN architecture knowledge is only so good. Is there a way that I can configure my VPN solution so that I can still have my site to site connections and also allow remote clients to connect with CiscoVPN software into the same internal network?
Any help or insight would greatly be appreciated and I thank you in advance.
Please let me know if you need anything from me as far as configs.
Re: EasyVPN Server EasyVPN Remote and Site to Site VPN's on one
I do not have much experience with the Easy VPN Remote implementation. So I am not in a good position to advise on aspects of implementing this. But I have implemented what you describe with site to site VPN tunnels and Remote Access VPN where clients with Cisco VPN software connect to the same router and establish VPN connections. I have done this with command line configuration. Some of the more important aspects of this include:
- maintain the configuration of your site to site tunnels in the crypto map.
- configure a new instance of the crypto map for a dynamic entry. Make sure that the crypto map number for the dynamic map entry is higher than any static entry.
- assuming that you will authenticate the client software users but not the site to site connections include the no-xauth parameter on the crypto key configuration statements for the site to site connections.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...